<?php
ob_start();
session_start();
include_once ('../../config.php');
if ($_SESSION['rang'] > 20) 
	{
		if ($_POST['rang'] != "" && $_POST['mail'] != "" && $_POST['password'] != "") {
				$sql = "SELECT * FROM logins WHERE login='".$_POST['mail']."'";
				
				$result = mysql_query($sql,$conn) or die(mysql_error()) ;
				
				if( mysql_num_rows( $result ) != 0 ) {
					echo "Dit mailadres is al in gebruik";
				} else {
					$sql = 'INSERT INTO `logins` (`id`, `login`, `password`, `rang`) VALUES (NULL, \''.$_POST['mail'].'\', \''.md5($_POST['password']).'\', \'5\');';

					$result = mysql_query($sql,$conn) or die(mysql_error()) ;
					
					
					$sql = "SELECT id FROM logins WHERE `login` = '" . $_POST['mail'] . "'AND `password` = '" . md5($_POST['password']) . "';";
					$result = mysql_query($sql,$conn) or die(mysql_error()) ;
	
// 					echo $sql;					

				if( mysql_num_rows( $result ) != 1 ) {
					echo "Er is een fout opgetreden -> F1";
				} else {

						while($data = mysql_fetch_assoc($result)) {
						
								
						$sql = 'INSERT INTO `leerlingen` (
						`id`, `login-id`, `voornaam`, `achternaam`, `geb-datum`, `klas-id`, `telefoon`, `straat`, `nummer`
						) VALUES 
						(
						NULL,
						\''.$data['id'].'\',
						\''.$_POST['voornaam'].'\',
						\''.$_POST['achternaam'].'\',
						\''.$_POST['geb-datum'].'\',
						\''.$_POST['klas-id'].'\',
						\''.$_POST['telnr'].'\',
						\''.$_POST['straat'].'\',
						\''.$_POST['nummer'].'\');';
						mysql_query($sql,$conn) or die(mysql_error());
								$sql = "SELECT id FROM leerlingen WHERE `login-id` = '" . $data['id'] . "';";
								$result = mysql_query($sql,$conn) or die(mysql_error()) ;
				
			
								if( mysql_num_rows( $result ) != 1 ) {
								echo "Er is een fout opgetreden -> F2";
								} else {
									$data = mysql_fetch_assoc($result);
						echo "<a onclick=\"AjaxTabs.SetURL('pages/leerlingen/bekijk.php?id=".$data['id']."');\">De gebruiker is toegevoegd. Klik hier om verder te gaan</a>";
}
					}
				}


				}
			} else {
				echo 'Check invoer!';
				
			}
		
	} 
	else 
	{
		echo 'Hm... Poging tot misbruiken van het systeem?';
	}
?>














<?php
ob_end_flush();
?>